image: repository: apache/apisix-ingress-controller pullPolicy: IfNotPresent tag: "1.4.1" service: annotations: metallb.universe.tf/address-pool: internal port: 80 config: logLevel: "info" logOutput: "stderr" # the TLS certificate file path. certFile: "/etc/webhook/certs/cert.pem" # the TLS key file path. keyFile: "/etc/webhook/certs/key.pem" # the HTTP Server listen address, default is ":8080" httpListen: ":8080" # the HTTPS Server listen address, default is ":8443" httpsListen: ":8443" # the controller will use the Endpoint of this Service to # update the status information of the Ingress resource. # The format is "namespace/svc-name" to solve the situation that # the data plane and the controller are not deployed in the same namespace. ingressPublishService: "" ingressStatusAddress: [] # enable profiling via web interfaces host:port/debug/pprof, default is true. enableProfiling: true # Kubernetes related configurations. kubernetes: # the Kubernetes configuration file path, default is "", so the in-cluster # configuration will be used. kubeconfig: "" # how long should apisix-ingress-controller re-synchronizes with Kubernetes, # default is 6h, resyncInterval: "6h" # namespace list that controller will watch for resources, # by default all namespaces (represented by "*") are watched. appNamespaces: ["*"] # namespace_selector represent basis for selecting managed namespaces. # the field is support since version 1.4.0 # For example, "apisix.ingress=watching", so ingress will watching the namespaces which labels "apisix.ingress=watching" namespaceSelector: [""] # the election id for the controller leader campaign, # only the leader will watch and delivery resource changes, # other instances (as candidates) stand by. electionId: "ingress-apisix-leader" # The class of an Ingress object is set using the field IngressClassName in # Kubernetes clusters version v1.18.0 or higher or the annotation # "kubernetes.io/ingress.class" (deprecated). ingressClass: "apisix" # the supported ingress api group version, can be "networking/v1beta1", # "networking/v1" (for Kubernetes version v1.19.0 or higher), and # "extensions/v1beta1", default is "networking/v1". ingressVersion: "networking/v1" # whether to watch EndpointSlices rather than Endpoints. watchEndpointSlices: false # the supported apisixroute api group version, can be "apisix.apache.org/v2beta1" # "apisix.apache.org/v2beta2" or "apisix.apache.org/v2beta3" apisixRouteVersion: "apisix.apache.org/v2beta3" # whether to enable support for Gateway API. # Note: This feature is currently under development and may not work as expected. # It is not recommended to use it in a production environment. # Before we announce support for it to reach Beta level or GA. enableGatewayAPI: false # APISIX related configurations. apisix: serviceName: apisix-admin serviceNamespace: ingress-apisix servicePort: 9180 adminKey: "edd1c9f034335f136f87ad84b625c8f1" clusterName: "default" initContainer: image: busybox tag: 1.28 serviceMonitor: enabled: true namespace: "monitoring" interval: 15s # @param serviceMonitor.labels ServiceMonitor extra labels labels: {} # @param serviceMonitor.annotations ServiceMonitor annotations annotations: {} podSecurityContext: fsGroup: 2000 securityContext: capabilities: drop: - ALL readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000